Virus Quetions

First of all, let me explain the problem: a windows based laptop won't boot in safe mode. It started in normal mode, but when I click on anything, messages about viruses pop-up. It's clearly infected. I can't get into msconfig, services, etc to shut down the virus on start up.

1. If I create a partition on the hard drive and backup my files to that partition, can the virus cross over to that partition and infect them (assuming it's not in the files I am moving).

2. If I bring this laptop to a shop that "repairs virus issues" without a clean install, what exactly do they do? i.e. is there software that removes viruses before the OS boots, etc?

1. If I create a partition on the hard drive and backup my files to that partition, can the virus cross over to that partition and infect them (assuming it's not in the files I am moving).

My recommendation on this would be to back up the files to its own partition or hard drive, clean the machine (whether via software or complete reinstall) and then scan all the files before putting them back.

2. If I bring this laptop to a shop that "repairs virus issues" without a clean install, what exactly do they do? i.e. is there software that removes viruses before the OS boots, etc?

Usually they run various software programs, but depending on how badly infected the machine is, they may recommend completely reinstalling.

If you can't get into Safe Mode, one thing you may want to try (which I do on occasion with various computers I work on), is boot into Windows normally, then quickly open task manager, and start killing processes that you don't need.... (shouldn't be too hard to determine what is unneeded)... Depending on the infection, you may be able to stop the process before it starts doing it's thing allowing you to be able to run scans and such.

then quickly open task manager, and start killing processes that you don't need.... (shouldn't be too hard to determine what is unneeded)... Depending on the infection, you may be able to stop the process before it starts doing it's thing allowing you to be able to run scans and such.

Good point.
I did not think of that.
I tried opening msconfig quickly (to shut down processes at startup) but after about ten seconds the virus took control. Shutting down suspicious processes in that time period would probably yield better results.

Good point.
I did not think of that.
I tried opening msconfig quickly (to shut down processes at startup) but after about ten seconds the virus took control. Shutting down suspicious processes in that time period would probably yield better results.

With msconfig, you usually need to restart for changes to take effect. Going through Task Manager is a better option as you're killing the process upon them starting. If you kill all the processes that are unneeded, you should have the basics running and should, in theory, be able to run msconfig afterwards....

Now.. just wondering... what happens when you try to boot into Safe Mode? Error...? Constant Reboot...?

With msconfig, you usually need to restart for changes to take effect. Going through Task Manager is a better option as you're killing the process upon them starting. If you kill all the processes that are unneeded, you should have the basics running and should, in theory, be able to run msconfig afterwards....

Now.. just wondering... what happens when you try to boot into Safe Mode? Error...? Constant Reboot...?

safe mode just hangs...it loads the basic drivers for hours and doesn't move. the only thing that actually loads is the full on version of windows in all it's glory.

What I was curious about in my first question was if I created a new partition and put a new install of the OS on it would it be safe from the virus or can it cross over? Would a new partition/install be a good solution here to get into the registry etc and make changes needed to remove the virus?

What I was curious about in my first question was if I created a new partition and put a new install of the OS on it would it be safe from the virus or can it cross over? Would a new partition/install be a good solution here to get into the registry etc and make changes needed to remove the virus?

A virus can go from one partition to another... yes... but it depends on the virus really as to what would actually happen.

Also, if you were to reinstall windows (on a new partition), then the registry which was created for the new windows install wouldn't have info about the virus as that would be on the old OS installation.

A virus can go from one partition to another... yes... but it depends on the virus really as to what would actually happen.

Also, if you were to reinstall windows (on a new partition), then the registry which was created for the new windows install wouldn't have info about the virus as that would be on the old OS installation.

Thanks, Hiker.

What would you do given the scenario that you can't log into the computer to do a backup, can't boot into safe mode, can't get into msconfig to shutdown exes, etc. Basically, you can't do anything. Is there any solution other than losing the data and doing a complete reformat?

If I create a new volume up and put a clean OS on it, can I "cross over" and backup files from the other partition? Either in the GUI or DOS would be fine. I'm just not sure how that works since I never had two installs on one machine.

I usually use a linux live cd to backup data from an unbootable windows system.

Also, you can boot from a clean windows installation and access the bad partitions, I would recommend you pull the bad drive, install a new drive, install windows, add the bad drive back as a 2nd disk.

What would you do given the scenario that you can't log into the computer to do a backup, can't boot into safe mode, can't get into msconfig to shutdown exes, etc. Basically, you can't do anything. Is there any solution other than losing the data and doing a complete reformat?

If I create a new volume up and put a clean OS on it, can I "cross over" and backup files from the other partition? Either in the GUI or DOS would be fine. I'm just not sure how that works since I never had two installs on one machine.

I, personally, would pull the hard drive out, place it in a 2.5" external enclosure, and copy the files I need to another hard drive (data files only while performing a scan on all of the files). Then completely reformat and reinstall after reinstalling the hard drive back into the laptop.

Or, as Doug mentioned, you can use a linux live cd or get a new hard drive altogether.